So I want to eliminate a hardware pfSense box by virtualizing the OS on Hyper-V 2012 R2. One of the 2 WAN connections I would like to use is a VDSL connection.

I can put the VDSL modem into bridge mode, but would then need to establish the connection via PPPoE.

Have any of you tried connecting PPPoE over a Hyper-V Virtual Switch? What I was thinking of doing was creating an External switch, assigning a LAN port to it and plugging only one interface of the virtual pfSense install into that virtual switch.

1st Post

Tcpdump on the pfSense VM shows the PPPoE PADI packet go out but nothing ever comes back and the PPP sessions fails to establish.

There is connectivity if configured as ethernet only WAN.

I've tried from a Windows 8.1 VM as well with no luck. The VM has lan/internet connectivity but the PPP session fails to establish with error 651: the modem or other connecting device has reported an error.

pfSense VM had a legacy network adapter and the Win8.1 had the normal network adapter.

I should mention I can establish a PPPoE session from the 2012 server host itself.

Tcpdump on the pfSense VM shows the PPPoE PADI packet go out but nothing ever comes back and the PPP sessions fails to establish.

There is connectivity if configured as ethernet only WAN.

I've tried from a Windows 8.1 VM as well with no luck. The VM has lan/internet connectivity but the PPP session fails to establish with error 651: the modem or other connecting device has reported an error.

pfSense VM had a legacy network adapter and the Win8.1 had the normal network adapter.

I should mention I can establish a PPPoE session from the 2012 server host itself.

No, I never got it to work. I had the exact same problem as you. Was the WAN adapter also showing as disabled on pfSense to you?

An update on this. I got it to work. Not exactly sure how or why though...

It seemed to coincide with creating a SR-IOV switch. In doing this it looks like the firewall was enabled automatically on the bridged interface. I disabled the firewall and was fiddling with the MAC spoofing and protected network settings when I saw the PPP session establish in wireshark.

Currently MAC spoofing is enabled and protected network disabled. This is on a legacy network adapter.

So it could be the SR-IOV switch, the firewall, MAC spoofing functioning/not functioning properly (see log below) or protected network settings or some magic combination.

SR-IOV is not supported on this hardware - found a log:

Port D30883D8-A89D-1709-8019-G2EEF063BBE0 (Friendly Name: Dynamic Ethernet Switch Port) has MAC address spoofing enabled. This is not supported on the associated switch 710E4071-8559-4128-AFF4-F2161124E61D (Friendly Name: Ext SR-IOV) because IOV is enabled. Traffic with a spoofed MAC address will not function properly.

This is a NUC, so single NIC. Both NIC's on pfSense are on the same external vSwitch which is bridged to the the NIC. Management traffic is also enabled. There is no VLAN configuration on the host or pfSense.